using System;
using System.Collections.Generic;
using System.Text;
using System.Web.Security;
using System.Security;
using System.Security.Principal;

using Microsoft.ConnectionEngine.Registers.Core.ServiceProvider.Common;
using Microsoft.ConnectionEngine.Common.Security;

namespace Microsoft.ConnectionEngine.Registers.Core.ServiceProvider.Business
{
    /// <summary>
    /// Provides Business Logic for ASP.NET security operations.
    /// </summary>
    public static class SecurityManager
    {
        #region Properties
        public static int MinRequiredNonAlphanumericCharacters
        {
            get
            {
                HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
                return membershipProvider.MinRequiredNonAlphanumericCharacters;
            }
        }

        public static int MinRequiredPasswordLength
        {
            get
            {
                HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
                return membershipProvider.MinRequiredPasswordLength;
            }
        }

        public static string PasswordStrengthRegularExpression
        {
            get
            {
                HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
                return membershipProvider.PasswordStrengthRegularExpression;
            }
        }
        #endregion

        #region User management
        public static MembershipUser CreateUser(string username, string password)
        {
            return SecurityManager.CreateUser(username, password, true);
        }

        public static AspnetMembershipUser CreateUser(string username, string password, bool isApproved)
        {
            MembershipCreateStatus status;

            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();

            AspnetMembershipUser membershipUser = membershipProvider.CreateUser(username, password, username, null, null, isApproved, null,
                out status);
            if (status != MembershipCreateStatus.Success)
            {
                throw new SecurityException("Unable to create user");
            }

            return membershipUser;
        }

        public static AspnetMembershipUser CreateUser(string username, string password, bool isApproved, string hcuId, string providerId)
        {
            MembershipCreateStatus status;

            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();

            AspnetMembershipUser membershipUser = membershipProvider.CreateUser(username, password, username, null, null, isApproved, null,
                hcuId, providerId, out status);
            if (status != MembershipCreateStatus.Success)
            {
                throw new SecurityException("Unable to create user");
            }

            return membershipUser;
        }

        public static void ActivateUser(string username)
        {
            SecurityManager.SetUserApproved(username, true);
        }

        public static void DeactivateUser(string username)
        {
            SecurityManager.SetUserApproved(username, false);
        }

        public static bool ChangeUserPassword(IIdentity user, string oldPassword, string newPassword)
        {
            return SecurityManager.ChangeUserPassword(user.Name, oldPassword, newPassword);
        }

        public static bool ChangeUserPassword(string username, string oldPassword, string newPassword)
        {
            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
            AspnetMembershipUser membershipUser = membershipProvider.GetUser(username,false);
            return membershipUser.ChangePassword(oldPassword, newPassword);
        }

        public static bool DeleteUser(IIdentity user)
        {
            return SecurityManager.DeleteUser(user.Name);
        }

        public static bool DeleteUser(string username)
        {
            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
            return membershipProvider.DeleteUser(username, true);
        }

        public static AspnetMembershipUser GetUser(string username)
        {
            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
            return membershipProvider.GetUser(username,false);
        }

        public static bool UserExists(string username)
        {
            return (GetUser(username) != null);
        }

        public static bool IsUserActive(string username)
        {            
            AspnetMembershipUser membershipUser = SecurityManager.GetUser(username);
            if (membershipUser == null)
            {
                return false;
            }
            return membershipUser.IsApproved;
        }
        #endregion


        public static bool UpdateUser(AspnetMembershipUser user)
        {
            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
            membershipProvider.UpdateUser(user);
            return true;
        }

        internal static void SetUserApproved(string username, bool isApproved)
        {            
            AspnetMembershipUser  membershipUser = SecurityManager.GetUser(username);
            membershipUser.IsApproved = isApproved;
            SecurityManager.UpdateUser(membershipUser);
        }
        

        #region ValidateUser
        public static HSDPrincipal ValidateUser(string username, string password)
        {
            HSDPrincipal principal = null;

            HSDMembershipProvider membershipProvider = new HSDMembershipProvider();
            if (membershipProvider.ValidateUser(username, password))
            {
                principal = GetUserPrincipal(username, password);
            }
            else
            {
                //Find out why user is unable to login
                //if (UserExists(username))
                //{
                //    UserRegistration ur = UserFactory.LoadUserRegistration(username);
                //    throw new SecurityException(Properties.ExceptionResources.UserNotApproved + ur.Status.Description);
                //}
                //else
                //    throw new SecurityException(Properties.ExceptionResources.UserValidation);
                throw new Exception("Invalid User");
            }

            return principal;
        }

        public static HSDPrincipal GetUserPrincipal(string username, string password)
        {            
            HSDIdentity identity = null;
            //string[] roles = null;
            List<String> roles = new List<String>();

            AspnetMembershipUser aspnetMembershipUser = AspnetMembershipUserManager.GetByUserName(username);
            if (aspnetMembershipUser != null)
            {                
                identity = new HSDIdentity(aspnetMembershipUser.UserID.ToString(), username, password, aspnetMembershipUser.HCUID,
                    aspnetMembershipUser.ProviderId);                    

                foreach(String role in Roles.GetRolesForUser(username))
                {
                    roles.Add(role);
                }
                //roles = Roles.GetRolesForUser(username);
                
            }
            return new HSDPrincipal(identity, roles);
        }
        #endregion

    }
}
